[pkg-opensc-maint] Bug#922650: Bug#922650: opensc-pkcs11: fails to work with dual CAC PIV cards
Eric Dorland
eric at debian.org
Mon Mar 4 06:14:38 GMT 2019
Hi,
I'm a bit reluctant to take sure a significant patch set that hasn't
been in a release. Can you elaborate on the consequences of not taking
it?
* A. Maitland Bottoms (bottoms at debian.org) wrote:
> Package: opensc-pkcs11
> Version: 0.19.0-1
> Severity: important
> Tags: patch
>
> Dear Maintainer,
>
> Recent PIV enabled CAC cards are not handled by the opensc 0.19.0
> release. Yet all current CAC cards are scheduled to enable PIV
> authentication by March 31, 2019.
>
> For users of these cards, this bug is of grave severity.
>
> This problem has been solved recently upstream
> https://github.com/OpenSC/OpenSC
> although the fixes have not yet been included in an upstream release.
>
> I have cherry-picked from upstream commits a small set that provides
> working card support. It works for me using
> pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l -t
> ssh-keygen -D /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so
> ssh -I /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so
> and Firefox browser smart card token support.
>
> Attached is a debdiff of my test package.
>
> I think Buster will be much better if we can release it with support
> for this use case.
>
> Thanks,
> -Maitland
>
> enc: opensc-pkcs11-Dual-CAC-PIV-and-PIVK-support.debdiff
> _______________________________________________
> pkg-opensc-maint mailing list
> pkg-opensc-maint at alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-opensc-maint
--
Eric Dorland <eric at kuroneko.ca>
43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
More information about the pkg-opensc-maint
mailing list